<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta, branch yocto-5.0.5</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-5.0.5</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-5.0.5'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2024-11-09T14:03:57+00:00</updated>
<entry>
<title>build-appliance-image: Update to scarthgap head revision</title>
<updated>2024-11-09T14:03:57+00:00</updated>
<author>
<name>Steve Sakoman</name>
<email>steve@sakoman.com</email>
</author>
<published>2024-11-09T13:55:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=dce4163d42f7036ea216b52b9135968d51bec4c1'/>
<id>urn:sha1:dce4163d42f7036ea216b52b9135968d51bec4c1</id>
<content type='text'>
(From OE-Core rev: a051a066da2874b95680d0353dfa18c1d56b2670)

Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>weston: backport patch to allow neatvnc &lt; v0.9.0</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Hiago De Franco</name>
<email>hiago.franco@toradex.com</email>
</author>
<published>2024-11-05T17:59:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=297776b0bfabd8260d0e0b7d332cbc8565c4ae80'/>
<id>urn:sha1:297776b0bfabd8260d0e0b7d332cbc8565c4ae80</id>
<content type='text'>
Currently weston 13.0.3 with neatvnc 0.8.1 does not compile when using
VNC:

| Dependency neatvnc found: NO found 0.8.1 but need: '&lt; 0.8.0' ;
matched: '&gt;= 0.7.0'

However weston upstream already increased the allowed version to 0.9.0,
since neatvnc 0.8.0 does not introduce any changes that breaks API used
by the VNC backend. Therefore, backport this patch.

(From OE-Core rev: 4aa19f4444feb3968110935818d8628a95672539)

Signed-off-by: Hiago De Franco &lt;hiago.franco@toradex.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 8516496018a3ee9e81a67d4682bf9784d0eab2bd)
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>e2fsprogs: removed 'sed -u' option</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Aditya Tayade</name>
<email>Aditya.Tayade@kpit.com</email>
</author>
<published>2024-10-21T11:50:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d2da6b5c5668dbc84b905ba2fe4c9b57b580fd82'/>
<id>urn:sha1:d2da6b5c5668dbc84b905ba2fe4c9b57b580fd82</id>
<content type='text'>
In embedded box, sed might be provided another providers like Busybox,
hence use generic options whenever possible.
/bin/sed -&gt; /etc/alternatives/sed
/etc/alternatives/sed -&gt; /bin/busybox.nosuid

Here used 'sed -u' option is not necessary, hence removed it.

Fixes below error:
sed: invalid option -- 'u'

Also added 'set -eux' option which halts execution of the script
on any failures.

(From OE-Core rev: 5b3b290baa0a83f493b7ca25d5ffa5ff279bcc69)

Signed-off-by: Aditya Tayade &lt;Aditya.Tayade@kpit.com&gt;
Signed-off-by: Pawan Badganchi &lt;Pawan.Badganchi@kpit.com&gt;
Signed-off-by: Mathieu Dubois-Briand &lt;mathieu.dubois-briand@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 07caee1829d2a61bc018fe0e37ecd482922179ee)
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>xserver-xorg: upgrade 21.1.13 -&gt; 21.1.14</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Vijay Anusuri</name>
<email>vanusuri@mvista.com</email>
</author>
<published>2024-11-04T16:01:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=bed155a9f7e865c061c2460701cd545d183edc5b'/>
<id>urn:sha1:bed155a9f7e865c061c2460701cd545d183edc5b</id>
<content type='text'>
Includes security fix CVE-2024-9632

Ref: https://lists.x.org/archives/xorg/2024-October/061765.html

(From OE-Core rev: 79fed0fa3e25e29ed15c2e80c736a44535556a67)

Signed-off-by: Vijay Anusuri &lt;vanusuri@mvista.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 957ba32bc6fdffd3a796a04ba222fae6cd673f7e)
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>python3-lxml=v5.0.2</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>martin.jansa@gmail.com</email>
</author>
<published>2024-10-27T10:33:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=fa4c9ed2e5c132bc9a6f13363f895590d1e4bf28'/>
<id>urn:sha1:fa4c9ed2e5c132bc9a6f13363f895590d1e4bf28</id>
<content type='text'>
* minor upgrade to fix building with gcc-14 on host
* contains 31 commits:
  https://github.com/lxml/lxml/compare/lxml-5.0.0...lxml-5.0.2
  the important one for gcc-14 is:
  https://github.com/lxml/lxml/commit/663041a56a075a8fa1e6ca13ba4c6d1de7043ac2

* https://bugs.launchpad.net/lxml/+bug/2045435
* https://bugs.gentoo.org/917562

(From OE-Core rev: baa0ba7084533907c0735dcb58b4432e0b3072df)

Signed-off-by: Martin Jansa &lt;martin.jansa@gmail.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>go: upgrade 1.22.7 -&gt; 1.22.8</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2024-10-29T19:07:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=3aa52c32a07b8ba5f565278bef1922beac69bc8b'/>
<id>urn:sha1:3aa52c32a07b8ba5f565278bef1922beac69bc8b</id>
<content type='text'>
Upgrade to latest 1.22.x release [1]:

$ git --no-pager log --oneline go1.22.7..go1.22.8
aeccd613c8 (tag: go1.22.8) [release-branch.go1.22] go1.22.8
b4086b7c16 [release-branch.go1.22] syscall: skip TestAmbientCapsUserns when restricted, document
6fab4b9a9e [release-branch.go1.22] runtime: size maps.Clone destination bucket array safely
71655f14ce [release-branch.go1.22] cmd/cgo: correct padding required by alignment

[1] https://github.com/golang/go/compare/go1.22.7...go1.22.8

(From OE-Core rev: 552b9913b25107d7a34611b499b7811896b5f098)

(From OE-Core rev: f3bc0483519fcf08f5e3ccbbbb29de0ec4fc927e)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>go: upgrade 1.22.6 -&gt; 1.22.7</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2024-10-29T19:07:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=f8cef7cc1adfdcdebb788f579e0ccd9d5110a410'/>
<id>urn:sha1:f8cef7cc1adfdcdebb788f579e0ccd9d5110a410</id>
<content type='text'>
Upgrade to latest 1.22.x release [1]:

$ git --no-pager log --oneline go1.22.6..go1.22.7
7529d09a11 (tag: go1.22.7) [release-branch.go1.22] go1.22.7
d4c53812e6 [release-branch.go1.22] go/build/constraint: add parsing limits
2092294f2b [release-branch.go1.22] encoding/gob: cover missed cases when checking ignore depth
b232596139 [release-branch.go1.22] go/parser: track depth in nested element lists
e87be9833e [release-branch.go1.22] runtime: on AIX, fix call to _cgo_sys_thread_create in _rt0_ppc64_aix_lib
676d6100d8 [release-branch.go1.22] cmd/fix: support go versions with patch release
0a525a3ed0 [release-branch.go1.22] os: fix Chtimes test flakes

Fixes CVE-2024-34155, CVE-2024-34156 and CVE-2024-34158

[1] https://github.com/golang/go/compare/go1.22.6...go1.22.7

(From OE-Core rev: 92d609c49c0870ca10fcc39d52a801109d65a98b)

(From OE-Core rev: 4a0ccebab099b3654097ca6ba591eefce58a410e)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>orc: upgrade 0.4.39 -&gt; 0.4.40</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@fujitsu.com</email>
</author>
<published>2024-09-25T06:48:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=dabe9e157f4eacfeb0bb866391eada8c49a60c06'/>
<id>urn:sha1:dabe9e157f4eacfeb0bb866391eada8c49a60c06</id>
<content type='text'>
Changelog:
===========
- Security: Minor follow-up fixes for CVE-2024-40897
- powerpc: fix div255w which still used the inexact substitution
- x86: work around old GCC versions (pre 9.0) having broken xgetbv
  implementations
- x86: consider MSYS2/Cygwin as Windows for ABI purposes only
- x86: handle unnatural and misaligned array pointers
- orccodemem: Assorted memory mapping fixes
- Fix include header use from C++
- Some compatibility fixes for Musl
- ppc: Disable VSX and ISA 2.07 for Apple targets
- ppc: Allow detection of ppc64 in Mac OS
- x86: Fix non-C11 typedefs
- meson: Fix detecting XSAVE on older AppleClang
- x86: try fixing AVX detection again by adding check for XSAVE
- Check return values of malloc() and realloc()

(From OE-Core rev: a11152a65f27521ec9a546b4dd3c16d04bbd9db4)

Signed-off-by: Wang Mingyu &lt;wangmy@fujitsu.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit ed7e4eb12491968c5f962b7e89d557c2c6d86a33)
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>rust-llvm: Fix CVE-2024-0151</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Deepthi Hemraj</name>
<email>Deepthi.Hemraj@windriver.com</email>
</author>
<published>2024-11-04T05:47:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=43955da4e1d56180ddb064a4de54c6dec35b809b'/>
<id>urn:sha1:43955da4e1d56180ddb064a4de54c6dec35b809b</id>
<content type='text'>
(From OE-Core rev: 175e22f2df542b0e1eb638c43c11eeefe794b0b7)

Signed-off-by: Deepthi Hemraj &lt;Deepthi.Hemraj@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>cve_check: Use a local copy of the database during builds</title>
<updated>2024-11-09T13:53:57+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2024-08-14T12:02:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=35e6556f78078da32510974decf3d24070f6836a'/>
<id>urn:sha1:35e6556f78078da32510974decf3d24070f6836a</id>
<content type='text'>
Rtaher than trying to use a sqlite database over NFS from DL_DIR, work from
a local copy in STAGING DIR after fetching.

(From OE-Core rev: 57de6545695ac11816d670959d9e63666de08e3d)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 03596904392d257572a905a182b92c780d636744)
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
</feed>
